On 04/10/13 08:52, Peter Gutmann wrote:
Jon Callas <j...@callas.org> writes:
In Silent Text, we went far more to the "one true ciphersuite" philosophy. I
think that Iang's writings on that are brilliant.
Absolutely. The one downside is that you then need to decide what the OTS is
going to be. For example Mozilla (at least via Firefox) seems to think it
involves Camellia (!!!?!!?).
Surely that's precisely because they (and SSL/TLS generally) _don't_
have a One True Suite, they have a "pick a suite, any suite" approach?
Weird/vanity/local ciphers are "preferred" in the sense that NSS
assumes that if you put a cipher that no-one normal uses in your
list of acceptable ciphers, you probably really wanted to use it.
http://crypto.stackexchange.com/a/6548/5249
https://bug430875.bugzilla.mozilla.org/attachment.cgi?id=319703
So when servers and browsers that aren't required to use it by the
Japanese government include it just because it's lying around
and why not, it gets chosen over AES for no particular reason.
But that's not the same as making it part of the One True Suite.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
